sneak/upaas
1
0
Fork 0
Code Issues 9 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

refactor: switch API from token auth to cookie-based session auth

Browse Source 
- Remove API token system entirely (model, migration, middleware)
- Add migration 007 to drop api_tokens table
- Add POST /api/v1/login endpoint for JSON credential auth
- API routes now use session cookies (same as web UI)
- Remove /api/v1/tokens endpoint
- HandleAPIWhoAmI uses session auth instead of token context
- APISessionAuth middleware returns JSON 401 instead of redirect
- Update all API tests to use cookie-based authentication

Addresses review comment on PR #74.
This commit is contained in:
user
2026-02-16 00:31:10 -08:00
parent 0536f57ec2
commit 9ac1d25788
7 changed files with 221 additions and 407 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
internal/handlers/handlers_test.go
View File

@@ -169,11 +169,10 @@ func setupTestHandlers(t *testing.T) *testContext {
require.NoError(t, handlerErr)
mw, mwErr := middleware.New(fx.Lifecycle(nil), middleware.Params{
Logger: logInstance,
Globals: globalInstance,
Config: cfg,
Auth: authSvc,
Database: dbInstance,
Logger: logInstance,
Globals: globalInstance,
Config: cfg,
Auth: authSvc,
})
require.NoError(t, mwErr)